Privacy on the Internet is something that more and more people are starting to think about. With the redaction of the Net Neutrality law in the states and the increasing cases of identity theft, many people are looking for ways to stay protected.
But how do you protect yourself?
Something that can always be used to identify someone on the Internet is an IP-adress. Since most users access the Internet from home the IP address can be used to identify your Internet traffic.
The two major solution for this is: VPN and TOR. VPN does give protection to a certain degree but all your traffic does still go through a central point that could save and disclose your traffic. So the way to go if you really want your personal traffic to stay private is to use a TOR browser.
But surfing without disclosing your IP address is only the first step to staying private. There is so much on the Internet that requires some kind of information transfer and this will immediately be linked to a document, credit card, e-mail etc... and again your private information is at risk.
So how do I make transfers without risking your privacy?
In order to perform REALLY private transfers there are three conditions that need to be fulfilled:
- Your (and your receivers) IP transfer addresses must stay private
- There should not be any way to link two addresses to any single transfer
- The transfer details (amount, addresses, passwords) needs to be hidden/encrypted
I use the word transfer since it could include: payments, files, e-mails or even messages. The point being that communication between two parties should never be at risk.
Point 1 has already been answered. This could be done by VPNs or better yet via the TOR network.
Disclaimer: I know of the conspiracy theories that TOR, being created by CIA/NSA, left a back door open and therefore you are not truly safe. But even if that is true then you should still be safe from 99,99% (or similar) types of spying from "regular people" so I won't cover this here.
Point 2 and 3 has some different solutions but I will list the ones that I know of:
- I2P tunneling
- Multi-signature transfers combined with Zero-Knowledge proof
Extra Note: There is one aspect of Internet surfing where VPN might still be the most practical solution (despite the slight drawback in privacy) and that is during P2P downloading. Since I2P and Multi-sig + Knowledge proof approaches are relatively slow, so these do not suit themselves for transfers of large amounts of data. In this case VPN:s is still the most ideal solution in my opinion.
I2P
I2P tunneling is basically an "Internet within the Internet" whereby using IPv6 all data sent over the internal network is made anonymous. By having an application that can use TOR for browsing the "regular" Internet securely and I2P tunneling for performing transfers your identity should be protected at all times.
Multi-sig + Zero-Knowledge
The Multi-sig combined with Zero-knowledge proof sound more complicated but is actually easier to understand than the complexities involved in I2P tunneling. Multi-sig involves performing a transfer via several "nodes" before reaching the final destination and Zero-knowledge ensures that each receiver has no knowledge of what is being sent except that it matches that what should be received. The internal transfer information is never disclosed to the intermediaries or the rest of the network. Only sender and receiver will be able to see the transfer details.
That is nice to know but how do I use this information?
There are two project that I have found that directly are trying to solve "our" problem of privacy using these specific methods. Those two are Verge: TOR + I2P tunneling and DeepOnion :Multi-sig + Zero-Knowledge proof.
As you can probably understand I am positive about both of these projects. Verge seems to be aimed more at created a secure internal network where users can connect to each other in a secure and anonymous way. On the other hand DeepOnion seems to be building more of a platform where applications can be built that use the underlying "communication-layers" to ensure the privacy of their users.
Both approaches seem to have long future prospects so now it might be personal preference but I see slightly more future potential in the DeepOnion platform project. I think of it as Apps built on an OS which means that, as long as the, OS is sound the possible applications are limitless.
What is especially exciting about DeepOnion is that we have already got some "previews" of the possible applications that are coming for this platform: DeepVault and WooCommerce.
The DeepVault application is a service which you will be able to use, anonymously, to verify file immutability in: Contracts, Copyright claims and more. The application already exist and is available for use but since the communication layer is still being developed, payments to the applications are not yet fully anonymous.
WooCommerce is a commercial plug-in for buying/selling goods without disclosing any personal information. Everything can be payed, anonymously and securely via the DeepOnion crypto coin: ONIONs.
I am not planning to go into more depth here on the specific applications but I hope you see my point of being able to develop "Apps" on a anonymous platform. It would be easy for anyone new to this space, to start protecting themselves. Simply by using the applications created on the platform you would stay completely secure and protected at all times.
If you want to find out more about DeepOnion and Verge feel free to check out these links:
Verge Homepage
Verge Blackpaper
DeepOnion Homepage
DeepOnion Whitepaper
DeepOnion Community Forum
DeepOnion BCT ANN Thread
Want to read more about I2P and Zero-Knowledge Proof? Have a look at:
I2P Wiki: https://en.wikipedia.org/wiki/I2P
I2P An idiots guide: https://www.bestvpn.com/i2p-idiots-introduction/
Zero-Knowledge Proof Wiki: https://en.wikipedia.org/wiki/Zero-knowledge_proof
Zero-Knowledge Proof Explained like I am five: https://hackernoon.com/eli5-zero-knowledge-proof-78a276db9eff